News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Limit registration by Email domain?

Started by AJRitz, February 02, 2007, 08:47:57 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

AJRitz

February 02, 2007, 08:47:57 PM
SMF Version: SMF 1.1.1
I'm considering moving from phpBB to SMF for a forum that is currently in development. The audience for my forum is limited to people who all have the same Email domain.  I would like to enable self-authentication for people registering with Email addresses from that domain, but require administrative approval for anyone else.  There's a hack for phpBB for this that works perfectly. But I prefer the security of SMF, and I like the packaged MODS (especially after completely hosing my test phpBB site multiple times already, trying to get hacks working). Can this be done with SMF?

donnoman

#1
July 02, 2007, 07:08:35 PM

Clear all of your Banned Email Triggers (You can keep other types of bans)

(You cannot ban individuals in the "allowed" domain by adding them to the ban list by email anymore)
(You must not ban any other email domains since the modification below negates the test)

edit sources\Security.php

find:
Code Select

// Checks if a given email address might be banned.
function isBannedEmail($email, $restriction, $error)

(...)

// ...and add to that the email address you're trying to register.
$request = db_query("
SELECT bi.ID_BAN, bg.$restriction, bg.cannot_access, bg.reason
FROM ({$db_prefix}ban_items AS bi, {$db_prefix}ban_groups AS bg)
WHERE bg.ID_BAN_GROUP = bi.ID_BAN_GROUP
AND '$email' LIKE bi.email_address
AND (bg.$restriction = 1 OR bg.cannot_access = 1)", __FILE__, __LINE__);


Change to:
Code Select


// ...and add to that the email address you're trying to register.
$request = db_query("
SELECT bi.ID_BAN, bg.$restriction, bg.cannot_access, bg.reason
FROM ({$db_prefix}ban_items AS bi, {$db_prefix}ban_groups AS bg)
WHERE bg.ID_BAN_GROUP = bi.ID_BAN_GROUP
AND '$email' NOT LIKE bi.email_address
AND (bg.$restriction = 1 OR bg.cannot_access = 1)", __FILE__, __LINE__);



Specifically (if you missed it): AND '$email' NOT LIKE hxxp:bi.email [nonactive]_address

Now in the Ban Config List

Create a new ban.


Reason:  Registration restricted to <domain you want to display> addresses.

I did a partial ban, with "cannot register" since I wanted to grandfather some existing accounts in and still let them work.


Under the trigger:

Ban on Email address: *@<domain you want to allow>
Print
Go Up Pages1
User actions
Advertisement: